Possible to get email alert on authentication failures?

NGUSER6947

Is there a way to get an email alert if there's an authentication error (such as someone trying to brute-force my admin password)?

I know you can set up alerts through gmail but it's not clear what actually constitutes an 'alert' that will go out.

Thanks!

KOM

@nguser6947 You have people on your LAN trying to guess your pfSense login? WebGUI should never be exposed to WAN. Use a VPN to manage it remotely. If local, pfSense already has built-in login protection under System - Advanced - Admin Access - Login Protection.

Gertjan

@nguser6947 said in Possible to get email alert on authentication failures?:

I know you can set up alerts through gmail but ....

And when the attack arrives, you'll brut-mail-bomb gmail with these notifications.
They might not like that.

If even the LAN is untrusted, just leave it 'not connected' and use OPT1,2,3 etc for LAN access, and firewall pfSense GUI/SSH connections. No more need for mails as the access is 'impossible'.

NGUSER6947

Thank you for the input. Of course, you're correct that there shouldn't be any access attempts, as I do not have remote access enabled.

KOM

@nguser6947 You can also create some LAN firewall rules to prevent access to WebGUI by anyone except your workstation.